Segment routing extension headers

ABSTRACT

A system and method are disclosed for using segment routing (SR) in native IP networks. The method involves receiving a packet. The packet is an IP packet and includes an IP header. The method also involves updating the packet. Updating the packet involves writing information, including a segment routing segment identifier, to the destination address of the packet.

RELATED APPLICATIONS

The present patent application is a continuation of U.S. patentapplication Ser. No. 16/050,180 filed Jul. 31, 2018, entitled “SegmentRouting Extension Headers”; which is a continuation of U.S. patentapplication Ser. No. 15/677,210 filed Aug. 15, 2017, entitled “SegmentRouting Extension Headers,” now U.S. Pat. No. 10,063,475 and issued onAug. 28, 2018; which is a continuation of U.S. patent application Ser.No. 14/212,084 filed on Mar. 14, 2014, entitled “Segment RoutingExtension Headers”, now U.S. Pat. No. 9,762,488 and issued on Sep. 12,2017; which claims the domestic benefit under Title 35 of the UnitedStates Code § 119(e) of U.S. Provisional Patent Application Ser. No.61/948,811 filed on Mar. 6, 2014 entitled “Segment Routing ExtensionHeaders.” All are hereby incorporated by reference in their entirety andfor all purposes as if completely and fully set forth herein.

BACKGROUND

Network nodes are capable of receiving and forwarding packets. Networknodes may take form in one or more routers, one or more bridges, one ormore switches, one or more servers, or any other suitable communicationsprocessing device. A packet is a formatted unit of data that typicallycontains control information and payload data. Control information mayinclude, for example: source and destination IP addresses, errordetection codes like checksums, sequencing information, and the like.Control information is typically found in packet headers and trailers,and payload data is typically found in between the headers and trailers.

Packet forwarding involves decision processes that, while simple inconcept, can be complex. Since packet forwarding decisions are handledby nodes, the total time required to perform packet forwarding decisionprocesses can become a major limiting factor in overall networkperformance Different types of networks can employ different packetforwarding mechanisms. Ensuring interoperability between the types ofnetworks and packet forwarding mechanisms enables advantages from onetype of packet forward mechanism to be leveraged in multiple networktypes.

BRIEF DESCRIPTION OF THE DRAWINGS

A more complete understanding of the present disclosure may be acquiredby referring to the following description and accompanying drawings, inwhich like references numbers indicate like features.

FIG. 1 is a block diagram illustrating an example network.

FIG. 2 is a block diagram illustrating an example IPv6 packet.

FIG. 3 is a block diagram illustrating an example SR extension headerwith a segment list.

FIGS. 4A-4F show additional details regarding an example SR extensionheader with a segment list.

FIG. 5 is a block diagram illustrating an example format for adestination address.

FIG. 6 is a flow chart illustrating an example process employed by anode.

FIG. 7 is a flow chart illustrating an example process employed by anode.

FIG. 8 is a flow chart illustrating an example process employed by anode.

FIG. 9 is a flow chart illustrating an example process employed by anode.

FIG. 10 is a flow chart illustrating an example process employed by anode.

FIG. 11 is a block diagram illustrating an example SR trace extensionheader.

FIGS. 12A-12F show additional details regarding an example SR traceextension header.

FIG. 13 is a flow chart illustrating an example process employed by anode.

FIG. 14 is a flow chart illustrating an example process employed by anode.

FIG. 15 is a flow chart illustrating an example process employed by anode.

FIGS. 16A-16E show examples of modifications made to portions of apacket's headers.

FIG. 17 is a block diagram illustrating certain components of an examplenode that can be employed in the network of FIG. 1.

While the present disclosure is susceptible to various modifications andalternative forms, specific embodiments of the present disclosure areprovided as examples in the drawings and detailed description. It shouldbe understood that the drawings and detailed description are notintended to limit the present disclosure to the particular formdisclosed. Instead, the intention is to cover all modifications,equivalents and alternative falling within the spirit and scope of thepresent disclosure as defined by the appended claims.

DETAILED DESCRIPTION

Overview

A system and method are disclosed for using segment routing (SR) innative IP networks. The method involves receiving a packet. The packetis an IP packet and includes an IP header. The method also involvesupdating the packet. Updating the packet involves writing information,including a segment routing segment identifier, to the destinationaddress of the packet.

Packet Forwarding Mechanisms

Internet protocol (IP) routing and multi-protocol label switching (MPLS)are distinct packet forwarding mechanisms. IP routing uses IP addressesinside packet headers to make packet forwarding decisions. In contrast,MPLS implements packet forwarding decisions based on short pathidentifiers called labels, which are attached to packets. Segmentrouting (SR) is yet another packet forwarding mechanism. SR is similarto MPLS in many regards. For example, packet forwarding decisions in SRcan be based on short path identifiers called segment IDs attached topackets. However, substantial differences exist between SR and MPLS aswill be more fully described below.

IP Routing

IP routing uses IP forwarding tables, which are created at nodes usingrouting information distributed between nodes via one or more protocolslike the internal gateway protocol (IGP) and/or the border gatewayprotocol (BGP). In simple terms, IP forwarding tables map destinationaddresses to the next hops that packets take to reach theirdestinations. When a node receives a packet, the node can access aforwarding table using the destination address in the packet and lookupa corresponding egress interface for the next hop. The node thenforwards the packet through the egress interface. The next hop thatreceives the packet performs its own forwarding table lookup using thesame destination IP address, and so on.

MPLS and LDP

MPLS is commonly employed in provider networks. Packets enter an MPLSnetwork via an ingress edge node, travel hop-by-hop along alabel-switched path (LSP) that typically includes one or more corenodes, and exit via an egress edge node.

Packets are forwarded along an LSP based on labels and LDP forwardingtables. Labels allow for the use of very fast and simple forwardingengines in the data plane of nodes. Another benefit of MPLS is theelimination of dependence on a particular Open Systems Interconnection(OSI) model data link layer technology to forward packets.

A label is a short, fixed-length, locally significant identifier thatcan be associated with a forwarding equivalence class (FEC). Packetsassociated with the same FEC should follow the same LSP through thenetwork. LSPs can be established for a variety of purposes, such as toguarantee a certain level of performance when transmitting packets, toforward packets around network congestion, to create tunnels fornetwork-based virtual private networks, etc. In many ways, LSPs are nodifferent than circuit-switched paths in ATM or Frame Relay networks,except that they are not dependent on a particular Layer 2 technology.

LDP is employed in the control planes of nodes. Two nodes, called LDPpeers, can bi-directionally exchange labels on a FEC-by-FEC basis. LDPcan be used in a process of building and maintaining LDP forwardingtables that map labels and next hop egress interfaces. These forwardingtables can be used to forward packets through MPLS networks as morefully described below.

When a packet is received by an ingress edge node of an MPLS network,the ingress node may determine a corresponding FEC. Characteristics fordetermining the FEC for a packet can vary, but typically thedetermination is based on the packet's destination IP address. Qualityof Service for the packet or other information may also be used todetermine the FEC. Once determined, the ingress edge node can access atable to select a label that is mapped to the FEC. The table may alsomap a next hop egress interface to the FEC. Before the ingress edge nodeforwards the packet to the next hop via, the ingress node attaches thelabel.

When a node receives a packet with an attached label (i.e., the incominglabel), the node accesses an LDP forwarding table to read a next hopegress interface and another label (i.e., an outgoing label), both whichare mapped to the incoming label. Before the packet is forwarded via theegress interface, the node swaps the incoming label with the outgoinglabel. The next hop receives the packet with label and may perform thesame process. This process is often called hop-by-hop forwarding along anon-explicit path. The penultimate node in the LSP may pop or remove theincoming label before forwarding the packet to an egress edge node inthe network, which in turn may forward the packet towards itsdestination using the packet's destination address and an IP forwardingtable.

Segment Routing

Segment routing (SR) is a mechanism in which nodes forward packets usingSR forwarding tables and segment IDs. Like MPLS, SR enables very fastand simple forwarding engines in the data plane of nodes. SR is notdependent on a particular Open Systems Interconnection (OSI) model datalink layer technology to forward packets.

SR nodes (i.e., nodes employing SR) make packet forwarding decisionsbased on segment IDs as opposed to labels, and as a result SR nodes neednot employ LDP in their control planes. Unless otherwise indicated, theSR nodes described below lack LDP in the control plane.

Packets can enter an SR enabled network (i.e., a network of nodes thatare SR enabled) via an ingress edge node, travel hop-by-hop along asegment path (SP) that includes one or more core nodes, and exit thenetwork via an egress edge node. Like labels, segment IDs are short(relative to the length of an IP address or a FEC), fixed-lengthidentifiers. Segment IDs may correspond to topological segments of anetwork, services provided by network nodes, etc. Topological segmentsrepresent one-hop or multi-hop paths to SR nodes. Topological segmentsact as sub-paths that can be combined to form an SP. Stacks of segmentIDs can represent SPs, and SPs can be associated with FECs as will bemore fully described below.

There are several types of segment IDs including nodal segment IDs,adjacency segment IDs, area segment IDs, service segment IDs, etc. Nodalsegment IDs are typically assigned to nodes such that no two SR nodesbelonging to a network domain are assigned the same nodal segment ID.Nodal segment IDs can be mapped to unique SR node identifiers such asnode loopback IP addresses (hereinafter node loopbacks). In oneembodiment, all assigned nodal segment IDs are selected from apredefined ID range (e.g., [32, 5000]). A nodal segment ID correspondsto a one-hop or a multi-hop, shortest path (SPT) to an SR node assignedthe nodal segment ID, as will be more fully described below.

An adjacency segment ID represents a direct link between adjacent SRnodes in a network. Links can be uniquely identified. For purposes ofexplanation only, this disclosure will identify a link using theloopbacks of nodes between which the link is positioned. To illustrate,for a link between two nodes identified by node loopback X and nodeloopback Y, the link will be identified herein as link XY. Becauseloopbacks are unique, link IDs are unique. Link IDs should not beconfused with adjacency segment IDs; adjacency segment IDs may not beunique within a network. This disclosure will presume that only one linkexists between nodes in a network, it being understood the presentdisclosure should not be limited thereto.

Each SR node can assign a distinct adjacency segment ID for each of thenode's links. Adjacency segment IDs are locally significant; separate SRnodes may assign the same adjacency segment ID, but that adjacencysegment ID represents distinct links. In one embodiment, adjacencysegment IDs are selected from a predefined range that is outside thepredefined range for nodal segment IDs.

SR nodes can advertise routing information including nodal segment IDsbound to loopbacks, adjacency segment IDs mapped to link IDs, etc.,using protocols such as IGP and/or BGP with SR extension. Nodes can usethe routing information they receive to create or update SR forwardingtables. To illustrate, SR nodes may use the routing information theyreceive and protocols such as open shortest path first (OSPF) with SRextension in order to create topology maps of the network, which in turncan be used to identify next hop egress interfaces of shortest paths(SPTs) to respective node loopbacks. The identified SPT or next hopegress interfaces are then mapped to respective nodal segment IDs in anSR forwarding table. Nodes can also map their adjacency segment IDs toegress interfaces for respective links in SR forwarding tables. Becauseadjacency segment IDs are locally significant, however, adjacencysegment IDs should only be mapped in SR forwarding tables of the nodesthat advertise the adjacency segment IDs. In other words, an SR nodethat advertises an adjacency segment ID should be the only node in thenetwork area that has an SR forwarding table that maps the adjacencysegment ID to an egress interface.

As noted above, SR enables segment paths (SPs), which can be used fortransporting packets through a network. SPs can be associated with FECs,and can be established for a variety of purposes. Packets associatedwith the same FEC normally traverse the same SP towards theirdestination. Nodes in SPs make forwarding decisions based on segmentIDs, not based on the contents (e.g., destination IP addresses) ofpackets. As such, packet forwarding in SPs is not dependent on aparticular Layer 2 technology.

Edge nodes and/or other devices (e.g., a centralized control planeserver) of an SR network use routing information (nodal segment IDsbound to loopbacks, adjacency segment IDs mapped to link IDs, etc.) theyreceive in link advertisements to create ordered lists of segment IDs(i.e., segment ID stacks). Segment ID stacks correspond to respectiveSPs. Individual segment IDs in a segment ID stack may correspond torespective segments or sub paths of a corresponding SP.

When an SR ingress edge node receives a packet, the node or acentralized control plane server in data communication with the node,can select an SP for the packet based on information contained in thepacket. In one embodiment, a FEC may be calculated for the packet usingthe packet's destination address. The FEC is then used to select asegment ID stack mapped thereto. The ingress edge node can attach theselected segment ID stack to the packet via an SR header. The packetwith the attached segment ID stack is forwarded along and can traversethe segments of the SP in an order that corresponds to the list order ofthe segment IDs in the segment ID stack. A forwarding engine operatingin the data plane of each SR node can use the top segment ID within thesegment ID stack to lookup the egress for the next hop. As the packetand attached segment ID stack are forwarded along the SP in a hop-by-hopfashion, segment IDs can be popped off the top of the segment ID stack.In another embodiment, the attached stack of segment IDs remainsunchanged as the packet is forwarded along the SP. In this embodiment, apointer, or some other information is used to identify an active segmentID in the segment ID stack. The pointer can be advanced as the packet isforwarded along the SP. In contrast to MPLS, however, segment IDs aretypically not swapped as the packet and attached segment ID stack areforwarded along the SP.

Segment Routing in IPv6 Networks

As discussed above, SR has numerous advantageous properties. However,some networks do not inherently provide SR functionality. For example, anative IPv6 network uses IPv6-compatible protocols in the control planeand data plane. This means that the control protocols which nodes use toexchange forwarding information in an IP network do not explicitlysupport SR. Likewise, the data plane in some IPv6 networks, if notmodified, does not support SR forwarding operations. And even in caseswhere a network does support SR, there may be portions of the networkthat do not use SR. For example, home networks, where packets aregenerated at hosts and sent to servers, generally do not use SR betweenthe host that generates the packets and servers that digest the packets.At another end of the network, e.g., a datacenter, SR is also not usedin some instances. In these network edge examples, IP is often used toforward packets, and SR is often not used.

IPv6 is a version of IP routing that improves upon previous versions.For example, IPv4 uses 32-bit addresses. IPv6, on the other hand, uses128-bit addresses, which significantly increases the number of addressesthat can be assigned to network devices. Another feature provided byIPv6 is the capability to define extension headers. Extension headersare optional headers used to carry additional information in a packetheader. Extension headers are placed in the packet between the fixedIPv6 header and an upper-layer protocol header (e.g., a TCP header).

To use SR in an IP network, such as the network shown in FIG. 1,modifications are made to the IPv6 data plane that allow a packet toencode a list of segments (e.g., a segment ID stack) in an IPv6 packetheader and forward the packet according to the list of segments. This isaccomplished using the extension headers provided by IPv6. One type ofSR extension header is an SR extension header that includes a segmentlist, or segment ID stack, that is used to forward a packet along the SPdefined by the segment ID stack. This is known simply as an SR extensionheader. A second type of SR extension header is an SR trace header. AnSR trace header provides operation, administration, and management (OAM)functions, such as collecting information identifying the route taken bya packet, whether the packet was rerouted, and the like.

FIG. 1 shows an example network 100. Network 100 is a native IPv6network. The nodes in network 100 are configured to use IPv6 in thecontrol and data plane. Network 100 includes an SR domain that includesseveral nodes that are configured to use SR to forward packets. Theseare SR nodes 106-112. The SR domain is in communication with non-SRnodes 104 and 114. Non-SR nodes 104 and 114 do not use SR to forwardpackets. Instead, they use another packet forwarding mechanism, such asIPv6. SR nodes 106-112 are assigned unique nodal-segment IDs 65-67,respectively. In addition to the nodes shown, network 100 can includeany number of nodes in between the nodes shown. The nodes that are notshown can be SR nodes and/or IP nodes.

Each of the SR nodes 106-112 have interfaces that are identified asshown. For example, node 108 has two interfaces designated 1-2,respectively. Each of the nodes 106-112 is assigned a unique loopback.Loopbacks B-E are assigned to nodes 106-112, respectively. Theseloopbacks are unique in the network and can be used for severalpurposes, such as calculating the topology of network 100, which in turncan be used to create SPs and/or to identify SPTs and thus next hopegress interfaces, for SR forwarding tables. Nodes 106-112 can alsoassign locally significant adjacency-segment IDs. For example, node 108can assign adjacency-segment IDs 9001-9002 to links CB and CD,respectively.

Each of SR nodes 106-112 can advertise routing information to the othernodes in network 100 using IGP with SR extension. For example, node 108can generate and send one or more link state advertisements that includeadjacency-segment IDs 9001-9002 bound to link IDs CB and CD,respectively, and nodal-segment ID 66 bound to loopback C. One ofordinary skill understands that link state advertisements may containadditional information. Using the advertisements they receive, thecontrol planes of nodes 106-112 can generate respective SR forwardingtables for use in the data planes. For example, node 108 can generateexample SR forwarding table that maps adjacency-segment IDs 9001-9002 tonode interface IDs 1-2, respectively, and nodal-segment IDs such as 65and 67 to node 108 interfaces 1 and 2, respectively, which are the SPTnext hop egress interfaces determined by node 108 for loopbacks B and D,respectively.

Node 106 is an ingress edge node for the SR domain. Node 106 isconfigured to receive packets that are not SR packets, e.g., packetsthat do not contain SR information, and modify the packets such that thepackets can be forwarded by SR nodes using SR. In one embodiment, thisinvolves adding a SR extension header to a packet. Node 106 can also adda trace extension header to provide OAM functions for packets forwardedusing SR. The SR extension headers are used by the SR nodes to forwardpackets using SR and record information regarding the forwarding. Thatis, forwarding operations are performed by the SR nodes based upon thesegment identifiers (IDs) included in the segment list. Node 112 is anegress edge router for the SR domain. Node 112 can remove SRinformation, such as SR extension headers, from the packet beforeforwarding the packet to Node 114.

FIG. 2 is a block diagram illustrating an example IPv6 packet. As shownat 202, the packet includes an IPv6 header. The IPv6 header includes,among other fields, a source address field and a destination addressfield. The source address field identifies a network device from whichthe packet originated. In IPv6, a source address is 128 bits. Thedestination address identifies the node to which the packet is destined.Similar to the source address, the destination address used by IPv6nodes is 128 bits.

IPv6 headers support multiple types and numbers of extension headers.The IPv6 header shown in FIG. 2 includes, at 204, an SR extensionheader. An SR extension header is a routing header (e.g., the type ofextension header associated with the SR extension header is “routing”)that can be used to control how packets are forwarded. In oneembodiment, the SR extension header includes an SR segment list.

At 206, the IPv6 header includes a second extension header, specificallyan SR trace header. The SR trace header is also a routing header thatprovides OAM functionality for the IPv6 packet. For example, the SRtrace header accumulates information indicating what route the packethas taken and what operations were performed by the nodes which thepacket traversed along the route.

After the SR extension headers, the IPv6 packet of FIG. 2 includes anupper layer protocol header, such as TCP header, as shown at 208.Following the upper layer protocol header is a payload, as shown at 210.The payload includes the data being transmitted in the packet, anyfooters, trailers, CRCs, checksums, and the like.

FIG. 3 is a block diagram illustrating an example segment routingextension header. The segment routing extension header shown in FIG. 3includes a segment list 314. In one embodiment, the segment routingextension header shown in FIG. 3 illustrates further details of thesegment routing extension header 204 shown in FIG. 2. As shown in FIG.3, the segment routing extension header includes a number of fields.

At 302, a next header field is shown. The next header includes an 8-bitvalue that identifies the type of header immediately following thesegment routing extension header. For example, the value can indicatethat another routing extension header is included in the packetfollowing the segment routing extension header. The next header fieldcan indicate one of a number of other types associated with the varioustypes of extension headers supported by IPv6, such as hop-by-hop,fragment, and the like. In one embodiment, the next header valuecorresponds to an upper level protocol header, such as a TCP header,indicating the no subsequent extension headers are present in thepacket.

The segment routing extension header also includes a header extensionlength field 304. The header extension length field includes an 8-bitunsigned integer. This value defines the length of the segment routingextension header in 8 byte units, not including the first 8 bytes. Themaximum value of an 8-bit number is 256. The header extension lengthfield 304 can therefore indicate that the length of the segment routingextension header (not including the first 8 bytes) is up to 2048 byteslong (256*8).

At 306, the segment routing extension header includes a routing typefield. The segment routing extension header is a routing extensionheader. The routing type field identifies which type of routing theextension header is associated with. In the case of the segment routingextension header of FIG. 3, the routing type field includes a value thatidentifies segment routing as the routing type.

At 308, the segment routing extension header includes a field thatindicates the next element in the segment list. This field functions asa pointer to identify the active segment in the segment list. As apacket is forwarded from segment to segment along its path, nodes (e.g.,segment endpoints) update this field to indicate the active segment. Thenext element in the segment list includes 16 bits. The first 12 bits, ormost significant 12 bits, provide an offset into the segment routingextension header. The location of the next segment that a packet willfollow can be determined by the value encoded in the next element field.The offset is expressed in bytes. For example, if the value encoded inthe next element field is 512, then an identifier for the next segmentin the path that the packet should follow can be found by counting 512bytes into the segment list 314.

Following the 12-bit offset, is a length multiplier bit. If the lengthmultiplier bit is not set, then the three bit value in the lengthportion of the field refers to 4-byte multiples. If the lengthmultiplier bit is set, then the three bits of the length field refer to16 byte multiples. Following the multiplier bit, are three length bits.The length bits specify the length of the active segment in either 4 or16-byte multiplies, depending on whether or not the multiplier bit isset. For example, if the three bit length value is 4, and the multiplierbit is not set, then the length of the next element is 16 bytes. Inanother example, if the three bit length value is 2, and the multiplierbit is set, then the length of the next element is 32 bytes.

At 310, the segment routing extension header includes a field thatpoints to the first element in the policy list. The policy list is thelist of routing information that follows the segment list in the segmentrouting extension header. In one embodiment, the policy list is notinspected for routing purposes. The policy list, in one embodiment, isinserted into the SR extension header at ingress to the SR domain (e.g.,by an ingress node) and removed at egress from the SR domain (e.g., byan egress node). The format of the field which identifies the firstelement of the policy list is as follows. The first 12 bits, or the mostsignificant 12 bits, provide an offset in the segment routing extensionheader that point to the location where the first element of the policylist is located. The location of the first element in the policy listcan be determined by the value encoded in the first element in thepolicy list field. The offset is expressed in bytes. For example, if thevalue encoded in the first element in the policy list field is 1024,then an identifier for the first element in the policy list can be foundby counting 1024 bytes into the segment routing extension header.

The next bit in the first element in the policy list field is amultiplier bit. If the length multiplier bit is not set, then the threebits of length in this field refer to 4-byte multiples. If the lengthmultiplier bit is set, then the three bits of length refer to 16 bytemultiples. The next three bits in the 16-bit first element in policylist field are length bits. The value of the three bit length fieldindicates the length of the first element in the policy list in either 4byte or 16-byte multiples, depending on whether or not the multiplierbit is set. For example, if the three bit length value is 4, and themultiplier bit is not set, then the length of the first element in thepolicy list is 16 bytes. In another example, if the three bit lengthvalue is 2, and the multiplier bit is set, then the length of the firstelement in the policy list is 32 bytes.

The next field in the segment routing extension header is the firstpolicy list mule, as shown at 312. The first policy list mule contains acopy of the mule (explained below) of the first policy list element inthe policy list. Storing a copy of the first policy list element mule atthis location in the segment routing extension header facilitates fastaccess to any flags that may have been updated as the packet traversedthe segment identified by the first policy element.

The next portion of the segment routing extension header, as shown at314, is a segment list. The segment list includes informationidentifying segments that the packet follows when being forwarding usingsegment routing, such as a list of segments. The first segment listelement in segment list 314 includes information identifying the secondsegment in the segment path. The first segment identifier (representingthe first segment in the list of segments that encodes the segment path)is not added to segment list 314 in one embodiment. Instead, a firstsegment identifier is extracted from the first segment element and iswritten to the destination address of the packet in the fixed IPv6header. Since the first segment identifier is already included in thedestination address, including the first segment identifier in the firstposition of the segment list would be redundant. Excluding the firstsegment identifier from the segment list enables effective utilizationof limited resources, such as memory, by keeping important information(e.g., information that is used to forward the packet) close to thefront of the segment routing extension header.

Traditional IPv6 uses fixed length addresses, e.g., of 128 bits. Forexample, a source address or a destination address included in an IPv6header, such as IPv6 header 202 of FIG. 2, uses 128 bits to identify thesource or destination of a packet. In some embodiments, SR uses fewerbits to identify a segment which a packet is to travel. Each of theelements in segment list 314 and policy list 316 is a variable lengthelement of, for example, 32 bits, 64 bits, 128 bits, or 256 bits. Thelength of segment list elements and policy list elements can be 32 bits.When one of these elements is 32 bits, the element includes a 4 bytesegment identifier (SID). If an element is 64 bits, the element includesa 32-bit autonomous system number (ASN) followed a 32-bit SID. Two bytesof the ASN number are encoded with the two leading bytes set to zero. Ifthe element is 128 bits, the element contains a plain 128-bit IPv6 typeaddress. For example, the IPv6 address of a particular node, such as thenode at which a given segment (e.g., a nodal segment or an adjacencysegment) ends is used as the SID for that segment. If the element is 256bits, the element contains two IPv6 addresses: an IPv6 source address;and an IPv6 destination address. Each element (whether a segment listelement (SLE) or a policy list element (PLE) also includes an 8-bit mulefield. The mule includes flags related to the segment list entry orpolicy list entry the mule is associated with. Details of the mule aregiven with respect to FIG. 4.

Following segment list 314 is policy list 316. As noted above, the firstelement of policy list 316 is the first segment list element. The secondpolicy list element of policy list 316 identifies the ingress node ofthe segment routing domain. The third policy list element of policy list316 identifies the egress node of the SR domain. Storing informationidentifying the ingress node and the egress node facilitates operationssuch as gathering statistics, filtering, deep packet inspection, and thelike. For example, if an operator wants to filter nodes that entered theSR domain via a given ingress node, the operator can examine the secondelement of the policy list of packets to determine whether the packetsentered the SR domain via the given ingress node.

FIGS. 4A-4F show additional details regarding an example SR extensionheader with a segment list. As described with regard to FIG. 3, both thesegment list and the policy list included in the segment routingextension header include elements. In one embodiment, segment listelements (SLEs) and policy list elements (PLEs) are encoded using thesame format. An example of a segment list element is shown at FIG. 4A.For the purposes of FIGS. 4A-4F, the description refers to a segmentlist element. It is understood that corresponding description applies topolicy list elements as well. The segment list element of FIG. 4Aincludes a segment identifier field 402 and a mule field 404.

FIG. 4B shows an example where the segment list element includes a32-bit segment identifier at 406 and an 8-bit mule at 408. FIG. 4C showsan example where the segment list element includes a 32-bit segmentidentifier and a 32-bit autonomous system number, at 410. The segmentlist element also includes, at 412, a mule. FIG. 4D shows, at 414, a128-bit IPv6 address. At 416, the segment list element shown in FIG. 4Dincludes attached 8-bit mule. FIG. 4E shows an example where, at 418, a256-bit field is included in the segment list element. A 256-bit fieldincludes an IPv6 source address and an IPv6 destination address, both of128 bits. At 420, the mule attached to the 256-bit segment element isshown.

FIG. 4F shows an example of a mule. As shown at 422, the first-bit ofthe mule-bit zero, includes a protected flag. The protected flagindicates whether a packet was rerouted during traversal of the segmentassociated with the segment ID in the segment list element with whichthe mule is associated. Bits 1-3 of the mule are reserved. In oneembodiment, reserved bits are set to zero. Bit 4 includes a lengthmultiplier. When not set, the three bits of length information refer to4 byte multiples, when set the three bits of length of information referto 16 byte multiples. Bytes 5-7 are the three length bits. The valuerepresented by the three bits of length is multiplied by either 4 or 16bytes depending on whether or not the length multiplier bit is set. Thelength value included in the mule defines the length of the next segmentelement. The length value is set to zero in the last element of thesegment list.

FIG. 5 is a block diagram illustrating an example format for adestination address, e.g., a 128-bit destination address in an IPv6packet header. FIG. 5 shows an example the destination address whenformatted for segment routing. The destination address is written to thedestination address field in the fixed IPv6 header, as shown at 202 ofFIG. 2. In one embodiment, an SR capable node, such as SR node 108 ofFIG. 1 rewrites the destination address to include the values describedbelow.

At 502, the destination address includes a segment routing protocolidentifier (SRPID). The SRPID is a 32-bit value that uniquely identifiesthe packet as an SR packet. That is, a node that examines a destinationaddress and finds an SRPID in the first 32 bits can conclude that thepacket is an SR packet and has at least one SR extension header. Thisimproves the speed with which packets containing SR extension headerscan be identified. Rather than parsing the entire packet header, a nodereceiving the packet can determine from the first 32 bits of thedestination address whether SR extension headers are present. The SRPIDcan be globally unique, such as an internet assigned numbers authority(IANA) value. Alternatively, the SRPID can be private, or locallyadministered value that identifies packets as SR packets.

The destination address includes, at 504, a 16-bit or 32-bit autonomoussystem number (ASN). If the ASN is 32 bits, the first 16 bits of the ASNfield are set to zero. In one embodiment, no ASN is included, and all 32bits of the ASN field are set to zero. Next, at 506, the destinationaddress includes a 32-bit segment ID. The 32-bit segment ID is uniquewithin the autonomous system if an ASN is present.

The destination address also includes, at 508, 8 bits of flags. The onlyflag that is defined in 508 is a fast reroute flag. The fast rerouteflag is set when the packet has been rerouted using fast reroute. Theflag can indicate either that fast reroute was performed on the previoussegment, or that fast reroute was performed at any point previously inthe packet's path.

At 510, the destination address includes 24 bits of entropy information,which provide load balancing efficiency. For example, if two nodes areconnected by multiple links, and packets between the nodes aredistributed among the links based on destination address, the entropybits provide a way of differentiating the destination address values sothat packets traversing the same segments (which would otherwise haveidentical destination addresses) are sent on different links. Since thedestination is actually specified by the SID in the destination addressfield, changing the entropy bits does not affect the path that packetstravel, e.g., packets may be forwarded on different links based on anode's detecting different values in the destination address field (dueto different entropy-bit values), but the node will still forward thepackets to the same destination nodes.

Forwarding a packet using SR in a native IP network can cause the packetto be received by several types of nodes. For example, the node may bereceived at an ingress node. The ingress node receives the packet from anon-SR node, and prepares the packet to be forwarded using SR. Thisinvolves, among other things, inserting a segment list which defines thepath to be followed by the packet.

After being forwarded from an ingress node, there are several types ofintermediate nodes the packet may be forwarded to between the ingressnode and an egress node. One type of intermediate node is a non-SRcapable node. A non-SR capable node does not utilize SR, but insteadforwards packets based on the node's interpretation of the destinationaddress field of the fixed IPv6 header attached to the packets. Anothertype of intermediate node is an SR capable node that is a transit nodewithin a segment. This type of node is not the endpoint of a segment.Transit nodes can inspect flags, forward the packet, and, in some cases,update an SR trace extension header. Intermediate nodes that are segmentendpoints can also modify the SR extension header to control how thepacket is forwarded, as well as updating flags in the SR extensionheader, updating the SR trace extension header, forwarding the packet,and other operations that are described below. In addition to an ingressnode and intermediate nodes, a packet can be forwarded to an egressnode, which prepares the packet to exit the SR domain and return toanother type of forwarding mechanism, such as IPv6, by stripping some orall of the SR forwarding information from the packet's header.

FIG. 6 is a flow chart illustrating an example process employed by anode, such as one of the nodes shown in FIG. 1. At 602, the nodereceives a packet, such as an IPv6 packet. Upon receipt of the packet,the node determines whether the packet is destined for the node or isjust to be forwarded. In one embodiment, the node parses the packetheader and locates a destination address. The node then compares thedestination address with the node's address to determine whether thenode's address matches the destination address. If so, the nodedetermines that the packet is addressed for the node. In someembodiments, only nodes that are the destination of a packet are allowedto examine and/or modify additional portions of the packet header.However, in some cases, SR nodes that are not the destination of apacket are permitted to read and modify extension headers in the packet.

At 604, the node determines whether the node is an ingress node, forexample to an SR domain. In one embodiment, this is a configurationsetting applied, for example, by a network operator. In such anembodiment, the node can check a flag or register value to determinewhether the node is an ingress node. Alternatively, a node can determinewhether the node is an ingress node depending on a destination addressassociated with the packet. For example, a packet arriving at a nodehaving a specific destination address can trigger a table lookup whichindicates that for the specific destination address the node is aningress node, and an ingress process is triggered based upon the nodedetermining that the node is an ingress node for that packet. Inresponse to determining that the node is an ingress node for a givenpacket, at 606 the node executes the ingress process. The ingressprocess is discussed in greater with regard to FIG. 7.

If the node is not an ingress node, the node determines, at 608, whetherthe node is an SR capable node. In one embodiment, this is aconfiguration setting applied, for example, by a network operator. Insuch an embodiment, the node can check a flag or register value todetermine whether the node is an ingress node. An SR capable node isconfigured to forward packets based on segment IDs, e.g., using SRforwarding tables. Nodes that are not SR capable may be interoperablewith those that are. If the node is not SR capable, the node forwardsthe packet using IPv6, at 610. In one embodiment, to forward a packetusing IPv6, the node reads the destination address in the IPv6 header,looks up an associated egress interface in an IPv6 forwarding table, andforwards the packet to the associated egress interface. If, on the otherhand, the node is an SR capable node, the node determines, at 612,whether the node is a segment end point. In one embodiment, thisinvolves the node extracting a segment ID from the destination addressof the packet and looking up a node associated with the segment ID in anSR forwarding table. If the segment ID identifies or is associated withthe node, then the node is the segment end point for that segment ID. Ifthe node is a segment endpoint, the node executes an end point process,at 614, as discussed in greater detail with regard to FIG. 8.

If the node is not a segment end point as determined at 612, the nodedetermines at 616 whether the node is an egress node. In one embodiment,determining whether the node is an egress node involves the nodecomparing the node's segment ID with a value stored in the policy listof the SR extension header, for example, the third entry of the policylist which contains, in some embodiments, information identifying theegress node for the SR domain. The node can locate the third entry inthe policy list by using an offset stored in the first entry in thepolicy list field, as well as the length (which is included in the firstpolicy list mule, and then calculating the locations for the second andthird entries in the same fashion. In another embodiment, the nodeexamines a flag in a segment routing extension header to determinewhether the node is an egress node. In the node is not an egress node,the node executes an intra-segment transit process at 618, as discussedin greater detail with regard to FIG. 9. Otherwise, if the nodedetermines at 616 that the node is an egress node, the node executes anegress process, as discussed in greater detail with regard to FIG. 10.

FIG. 7 is a flow chart illustrating an example process employed by anode, such as one of the nodes shown in FIG. 1. The node performs FIG. 7in response to determining that the node is an ingress node, as shown at604 of FIG. 6. The ingress node generates a segment routing extensionand header and adds the segment routing extension header to the IPv6packet received at 602 of FIG. 6. The IPv6 specification dictates thelocation in the IPv6 packet for all IPv6 extension headers. The node candetermine if other extension headers are present in the IPv6 packet. Ifso, the node determine where in the IPv6 packet to insert the segmentrouting extension header based on the IPv6 specification and the typesof extension headers already present (if any). For example, based on theextension header type, the node can insert the SR extension headerpreceding or following other extension headers in the packet. If noother extension headers are present, the node inserts the SR extensionheader between the fixed IPv6 header and an upper layer protocol header.

At 702, the node adds a segment list to the segment routing extensionheader, such as segment list 314 of FIG. 3. In one embodiment, thesegment list encodes a path to a destination, such as a destination thatthe node reads from the packet's IPv6 header destination address. Thesegment list can include one or more nodal segment identifiers, one ormore adjacency segment identifiers, and the like. As described above,each element in the segment list includes a segment ID and may alsoinclude additional information, such as an SRPID, an ASN, and the like.The size of each element can vary between 32 bits and 256 bits.

At 704, the node adds a policy list to the segment routing extensionheader, such as policy list 316 of FIG. 3. As noted, the first policylist entry of the policy list identifies the first segment in the path.That is, the first policy list entry in the policy list includes asegment identifier for the first segment in the segment path and a mule.The second policy list entry in the policy list inserted by the nodeinto the segment routing extension header is a policy list element thatidentifies the ingress node. The third policy list element of the policylist is the policy list element corresponding to the egress node. In oneembodiment, the ingress node and/or egress node policy list entriesinclude IPv6 destination addresses.

At 706, the node sets the next header field in the SR extension header.The next header field is an 8-bit selector that identifies the type ofheader immediately following the SR extension header. The node examinesthe header immediately following the SR extension header to determine atype associated with the following header. In one embodiment, the typeis included in a field within the following header. In one embodiment,the node modifies a next header value in the SR extension header andalso in a preceding extension header if there are additional extensionheaders in the IPv6 packet. For example, if a previous extension headerindicated that the next header was an upper layer protocol header,insertion of the segment routing extension header causes thatinformation to inaccurate. To correct this, the node updates theprevious extension header's next header field with a value indicatingthat the next header is the segment routing extension header. In oneembodiment, the node has access to a table indicating the types ofheaders and extension headers included in the IPv6 packet.

At 708, the node sets the header extension length field in the SRextension header. The header extension length is an 8-bit unsignedinteger representing the length of the segment routing extension headerin 8-byte units not including the first 8 bytes. In one embodiment, thenode calculates the length of the segment routing extension header. Forexample, the node can determine the number of segment list entries andpolicy list entries included in the segment routing extension header,can determine the length of each of those entries, and can compute thetotal length of the segment routing extension header. The node theninserts the total length value into the header extension length field.

At 710, the node sets the routing type value in the segment routingextension header. In one embodiment, the node maintains or has access toa table that includes mappings between various types of routing andvalues representing those types of routing. The node selects the valueassociated with SR and inserts the value into the routing type field.

At 712, the node updates the next element field in the segment routingextension header. The next element field represents a pointer, oroffset, to the next segment element, which includes a SID associatedwith the next segment a packet should be forwarded along. When that SIDis copied to the destination address of the packet, the next elementfield is updated to point to the next segment list element in thesegment list. In one embodiment, this involves the node computing thelength of the segment list element from which the SID is being copied,and adding that value to the value currently in the next element field.In the case of the ingress router, the next element is the first elementin the segment list. In this case, the value of the next element fieldis set to zero. When the packet reaches the destination specified in thedestination address of the IPv6 header (the node associated with thefirst SID in the segment path), the SID associated with the firstelement is copied into the destination address and the next elementfield is updated to point to the second segment list element, and so on.The length of the current segment is calculated and added to the nextelement field so that the next element field specifies an offset intothe segment list that corresponds to the beginning of the next segment.In one embodiment, the length is calculated by counting the bytes in thecurrent segment. In another embodiment, the length is calculated byaccessing the mule associated with the previous segment. The mulespecifies a length and multiplier which the node can use to determinethe offset that should be added to the next element in the segment listfield. In the case of the first node, the length is available in thefirst policy list mule, which is included in the SR extension header andidentifies the length of the first segment.

At 714, the node copies the first segment identifier to the firstelement of the policy list and also updates the first element in thepolicy list field at the top of the segment routing extension header.The segment element associated with the first segment in the path iscopied to the first element in the policy list so that the first segment(which is not included in the segment list, but is instead included inthe destination address in the fixed IPv6 header) can be easilyidentified for OAM purposes. To facilitate access to the policy list, anoffset, or pointer, value is included in the first element in the policylist field of the SR extension header. The node calculates the length ofthe segment list, and uses that value as an offset indicating where inthe SR extension header the policy list begins. In one embodiment, thenode reads the mule for each segment list element and adds the valuesincluded therein.

At 716, the node copies the first policy list element's mule to thefirst policy list element mule field at the top of the segment routingextension header. Doing so facilitates quick access to the length andany flags associated with the first policy element, which is the firstsegment in the segment path. As the number of bytes which can beprocessed by hardware, such as one or more CPUs associated with thenode, is limited, efforts are made to include important information,e.g., information that is likely to be accessed, towards the front ofthe packet. This reduces the probability of a second read being used toaccess the information, and therefore avoids performance degradation.

At 718, the node locates the last segment list element in the segmentlist and copies the destination address from the IPv6 fixed headerdestination address field to the last segment list element in thesegment list. Preserving the original destination address enables thenode to restore to the destination address field in the IPv6 fixedheader after the segment routing is complete, e.g., on egress from theSR domain. In one embodiment, the source address in the source addressfield of the IPv6 header is not changed. In another embodiment, thesource address is overwritten with the source address of the ingressnode. If the source address is to be overwritten, the source address canfirst be preserved, e.g., by copying the source address to a segmentlist element in the segment list or a policy list element in the policylist.

At 720, the node updates the destination address in the IPv6 fixedheader. This involves copying the segment identifier corresponding tothe first segment in the segment ID stack into the destination addressfield of the fixed IPv6 header. The node may also write additionalinformation to the destination address field, such as an SRPID, an ASN,and the like.

At 722, the node determines whether a segment routing trace header ispresent. This involves determining whether the node immediatelyfollowing the segment routing extension header has a type associatedwith segment routing trace headers. If so, the node updates the segmentrouting trace header at 724, as discussed in greater detail with regardto FIG. 13. Subsequent to updating the segment routing trace header, orif no segment routing trace header is present in the packet, the nodeforwards the packet along the segment path indicated by the segment IDstack. In one embodiment, this involves the node accessing the SIDincluded in the destination address of the packet, identifying an egressinterface associated with the SID, e.g., by performing a lookup in an SRforwarding table, and sending the packet to the identified egressinterface.

FIG. 8 is a flow chart illustrating an example process employed by anode, such as one of the nodes shown in FIG. 1. In response to receivinga packet, as shown for example at 602 of FIG. 6, a node determineswhether the node is an end point of the segment the packet is following.For example, the node determines whether the packet is addressed to thenode. In one embodiment, routing headers are not examined until thepacket reaches the node specified in the destination address. In anotherembodiment, nodes that are not indicated in the destination address ofthe packet are allowed to modify and examine the extension headers inthe packet.

At 802, the node reads the packet's destination address from thedestination address field of the fixed IPv6 header. The SID associatedwith the packet is encoded in the destination address of the header. Thenode decodes the destination address and compares the SID in thedestination address with the node's address. If the two are identical,the packet is destined for the node, and the node is the endpoint of thesegment the packet is travelling (or has just travelled).

The node determines at 804 whether the packet is an SR packet. In oneembodiment, this involves the node detecting that the destinationaddress of the packet includes a segment routing protocol ID, anautonomous system number, and/or a segment ID in the destinationaddress. If the node determines that the packet is not an SR packet, thenode forwards the packet using IP forwarding information at 806. In oneembodiment, forwarding a packet using IPv6 involves the node reading thedestination address in the IPv6 header, looking up an associated egressinterface in an IPv6 forwarding table, and forwarding the packet to theassociated egress interface.

If the node determines that the packet is an SR packet, at 808 the nodereads the segment routing extension header. In one embodiment, thisinvolves determining the next element in the segment list. The node candetermine the next element in the segment list by accessing a pointer inthe header, such as the next element in the segment list field as shownat 308 of FIG. 3. The node can read the pointer and determine, based onthe information in the pointer, what the next segment in the segmentlist is. At 810, the node updates the destination address in the fixedIPv6 header of the packet. In one embodiment, this involves writing anaddress to the destination address field that includes a segment ID readfrom the next element in the segment list.

Updating the destination address at 810, in one embodiment, involveschecking the segment list element length, e.g., by reading the length inthe mule of the preceding segment list element. If the length is 32bits, the node extracts the 32-bit segment identifier and copies thesegment identifier into the segment identifier field of the destinationaddress. If the segment list element length is 64 bits, the nodeextracts an autonomous system number and the segment identifier andcopies the autonomous system number and segment identifier to theirrespective fields in the destination address. If the next segmentidentifier is encoded as 128-bit address, the node extracts the 128-bitsegment identifier (e.g., an IPv6 address) and copies the entire addressinto the destination address. If the next segment identifier is encodedas a 256-bit address, the node extracts 128 bits (e.g., the second 128bits, which correspond to an IPv6 destination address) and copies theentire address into the destination address.

At 812, the node updates the segment routing extension header. In oneembodiment, this involves updating the next element in the segment listto point to the next element in the segment list. To calculate the newoffset to be included in the next element field, the node reads thelength value in the mule associated with the previous segment listelement (e.g., the segment list element corresponding to the segment forwhich the node is the endpoint) and adds the length value to the offsetin the next element field, such that the next segment list element fieldpoints to the segment list element in the segment list that will next beinspected and it represents the next segment.

At 814, the node determines whether the node is an ingress node. In oneembodiment, this involves the node comparing the incoming destinationaddress with the last field with the policy list. In another embodiment,this involves the node determining that there is only one remainingelement in the segment list. That is, the last segment list element inthe segment list includes the destination address that was included inthe packet when the packet arrived at an ingress node the SR domain. Ifthe node detects, at 814, that the node is an egress node, the nodeexecutes an egress process at 816. The details of executing an egressprocess are discussed in greater detail with regard to FIG. 10.Subsequent to executing the egress flow, the node forwards the packetusing IPv6, at 806.

If the node detects that the node is not an egress node, the nodedetermines, at 818, whether a segment routing trace extension header ispresent in the packet. In one embodiment, this involves the nodeexamining the next header type field, as shown at 302 of FIG. 3. If thenext header indicates that the next header type value is a value thatthe node recognizes as being associated with the segment routing traceextension header, then the node concludes that a trace extension headeris present in the packet. In this case, the node updates the segmentrouting trace extension header at 820. Additional details regardingupdating trace extension header are discussed with regard to FIG. 13.

At 822, the node forwards the packet using SR forwarding information. Inone embodiment, this involves the node accessing the SID included in thedestination address of the packet, identifying an egress interfaceassociated with the SID, e.g., by performing a lookup in an SRforwarding table, and sending the packet to the identified egressinterface.

FIG. 9 is a flow chart illustrating an example process employed by anode, such as one of the nodes shown in FIG. 1, in response to receivinga packet, as shown at 602 of FIG. 6. In one embodiment, steps of FIG. 9are performed by a node that is a transit node within a segment. Thatis, the node that performs the steps of FIG. 9 is an SR capable nodethat is not a segment end point.

At 902, the node reads the packet's destination address as describedabove with regard to FIG. 8. If the node determines that the packet isnot an SR packet, the node forwards the packet using an IP forwardinginformation at 906. In one embodiment, forwarding a packet using IPv6involves the node reading the destination address in the IPv6 header,looking up an associated egress interface in an IPv6 forwarding table,and forwarding the packet to the associated egress interface.

If the node determines that the packet is an SR packet, the nodedetermines at 908 whether the packet includes an SR trace extensionheader. In one embodiment, this involves the node examining the nextheader type within the SR extension header, for example, as shown in 302of FIG. 3. If the next header indicates that a trace extension header ispresent in the packet, the node updates the segment routing extensiontrace header at 910. Additional details regarding updating a traceextension header are discussed with regard to FIG. 13. At 912, the nodeforwards the packet using segment routing forwarding information. In oneembodiment, this involves the node accessing the SID included in thedestination address of the packet, identifying an egress interfaceassociated with the SID, e.g., by performing a lookup in an SRforwarding table, and sending the packet to the identified egressinterface.

FIG. 10 is a flow chart illustrating an example process employed by anode, such as one of the nodes shown in FIG. 1, in response to receivinga packet, as shown at 602 of FIG. 6. In response to detecting that thenode is an egress node, for example as shown at 616 of FIG. 6, the nodeperforms the method of FIG. 10. The node restores the originaldestination address at 1001. In one embodiment, this involves the nodelocating the last segment list element in the segment list. This can beaccomplished via the offset in the next element in the segment listfield. Next, the node copies the 128-bit IPv6 address stored in the lastsegment list element to the destination address field of the packet. At1002, the node removes the segment routing extension header from thepacket. At 1004, the node detects whether a segment routing traceextension header is present. If so, the node removes the segment routingtrace extension header at 1006. At 1008, the node forwards the packetusing IP forward information, as described above.

FIG. 11 shows an example of a segment routing IPv6 trace extensionheader. The header can be used to perform OAM functions for packetsforwarded using segment routing. The header includes a next header field1102, a header extension length field 1104, and a routing type field1106. These fields are specified by the IPv6 specification andcorrespond to fields 302 through 306 of FIG. 3.

The header also includes a top segment element length field at 1108 anda segment list 1110. The top segment element length field is an 8-bitfield that gives the length of the top element in the segment stack. Thefirst four bits are reserved. Following the four reserved bits is alength multiplier bit. If the length multiplier bit is not set, then the3-bit value in the length portion of the field refers to 4-bytemultiples. If the length multiplier bit is set, then the three bits ofthe length field refer to 16-byte multiples. Following the multiplierbit are three length bits. The length bits specify the length of the topsegment element in either 4 or 16-byte multiplies, depending on whetheror not the multiplier bit is set.

The segment list in the SR trace header works like a stack. As a packettraverses nodes in the path specified by the SR extension header, thenodes push segment elements onto the top of the segment list. Each nodethat is authorized to modify the trace extension header can push itssegment element onto the segment list 1110. In this way, a record iscreated of which nodes a packet carrying a segment routing traceextension header has traversed. Each of the segment elements in segmentlist 1110 also includes a mule field, as discussed in greater withregard to FIG. 12. The nodes which update the trace extension header canupdate the fields of the mule as well. In one embodiment, only nodesthat are the endpoint of a segment are configured to update the traceextension header, while in other embodiments, any SR capable node isconfigured to update the trace extension header.

FIGS. 12A-12F show additional details regarding segment list elementsincluded in a segment list of an example SR trace extension header, asshown at 1110 of FIG. 11. For example, FIG. 12A shows an example of asegment list element having two fields, a segment identifier 1202, and amule at 1204.

FIG. 12B shows an example where the segment list element includes a32-bit segment identifier at 1206 and an 8-bit mule at 1208. FIG. 4Cshows an example where the segment list element includes a 32-bitsegment identifier and a 32-bit autonomous system number, at 1210. Thesegment list element also includes, at 1212, a mule. FIG. 12D shows, at1214, a 128-bit IPv6 address. At 1216, the segment list element shown inFIG. 12D includes attached 8-bit mule. FIG. 12E shows an example where,at 1218, a 256-bit field is included in the segment list element. A256-bit field includes an IPv6 source address and an IPv6 destinationaddress, both of 128 bits. At 1220, the mule attached to the 256-bitsegment element is shown.

FIG. 12F shows additional details of the mule attached to the segmentlist element, such as mule 1204. The mule contains flags related to thesegment element the mule is a part of. The mule also contains the lengthof the next segment element entry. One byte of the mule is used asfollows. There are 5 bits of flags. The first bit, bit zero, is aneffective flag. This bit is set by a node in response to the nodedetecting that the packet is transmitted, or forwarded, by the node. Thesecond bit, bit 1, is a protecting node flag. The node sets this bitwhen the node has done fast rerouting protection, e.g., in response todetecting a failure. The third bit, bit 2, is an ingress flag. When set,the segment identifier associated with this segment element identifiesan ingress node. The fourth bit, bit 3, is an egress flag. When set, thesegment identifier associated with this segment element identifies anegress node. The fifth bit, bit 4, is a length multiplier. When not set,the 3 bits of length, in the length field of the byte of flags in themule refer to 4-byte multiples. When set, the 3 bits of length refer to16-byte multiples. The last 3 bits of the mule, bits 5-7, encode a valuethat represents the length of the next segment element. The 3 bits oflength are a value which is multiplied by either 4 or 16 depending onwhether the length bit is set. The length value is set to zero in thelast element of the list.

FIG. 13 is a flow chart illustrating an example process employed by anode, such as one of the nodes shown in FIG. 1, in response to receivinga packet, as shown at 602 of FIG. 6. The node performs the operations inresponse to detecting that a trace extension header is present in thepacket. At 1302, the node sets the flags in the mule of a segment listelement corresponding to the node in the trace extension header.Additional details regarding this are provided with regard to FIG. 14.At 1304, the node pushes a segment list element onto the segment routingtrace extension header stack. In one embodiment, the segment elementcorresponds to the segment that is currently being traversed by thepacket, or which has just been traversed by the packet (e.g., in theexample in which the node is a segment endpoint).

FIG. 14 is a flow chart illustrating an example process employed by anode, such as one of the nodes shown in FIG. 1, in response to receivinga packet, as shown at 602 of FIG. 6 and determining that there is atrace extension header that should be updated.

At 1402, the node sets the effective bit of the mule in the traceextension header. This indicates that the node has effectively transitedthe packet. At 1404, the node determines whether the node will bererouting the packet. In one embodiment, this involves detecting whethera reroute condition exists and whether reroute backup paths have beencomputed. If the node is rerouting the packet, the node sets the fastreroute bit, at 1406.

Otherwise, the node determines whether the node is an ingress node at1408. In one embodiment, this involves examining an ingress flag in asegment routing extension header. In another embodiment, the node cancompare a segment ID associated with the node with a segment ID includedin the second element of the policy list of an SR extension headerincluded in the packet, such as the SR extension header shown in FIG. 3.If the node determines that the node is an ingress node, the node setsthe ingress bit in the trace extension header's mule at 1410.

At 1412, the node determines whether the node is an egress node. In oneembodiment, this involves determining that the next element field in asegment routing extension header points to the last element of thesegment list. In another embodiment, this involves comparing a segmentID associated with the node with a segment ID included in the thirdelement of the policy list of an SR extension header included in thepacket, such as the SR extension header shown in FIG. 3. If the nodedetermines that the node is a egress node, at 1414, the node sets theegress bit in the trace extension header's mule.

At 1416, the node determines whether 4 or 16-byte multipliers should beapplied to the length field of the mule. In one embodiment, thisinvolves accessing a configuration value specified by, for example, anoperator. If the configuration specifies that a 16-byte multipliershould be used, the node sets a length multiplier bit at 1418. At 1420,the node sets the three bit length value in the trace extension header'smule. In one embodiment, this involves calculating (e.g., by countingbytes) a length for the segment element directly under the segmentelement with which the mule is associated in the segment list.

FIG. 15 is a flow chart illustrating an example process employed by anode, such as one of the nodes shown in FIG. 1. FIG. 15 can also beperformed by a testing module. At 1502, the node selects a first segmentID from the segment routing extension header. In one embodiment, thisinvolves selecting the first policy element from the policy list. At1504, the node selects a first segment ID from the segment routing traceextension header. In one embodiment, this involves selecting the bottommost segment ID on the stack included in the segment routing traceextension header. In both 1502 and 1504, the node may extract thesegment ID from the segment list element or policy list element.

At 1506, the node compares the segment ID from the extension header withthe segment ID from the trace header to determine whether the segmentIDs match. If the segment IDs are identical, this means that a noderecorded (by pushing its segment ID onto the trace extension header) thepacket transiting the node that the packet was intended to transit basedon the segment list in the segment routing extension header with segmentlist. At 1508, the node determines whether the protected flag is set,for example in a trace extension header mule. If so, this means thatwhile the packet transited the node intended it did so as a result ofhaving been rerouted. If the packet was rerouted, the node indicates, at1510, that the path was not completed and the method ends.

Otherwise, the node determines, at 1512 whether more segment IDs existin the segment list in the segment routing extension header. If so, at1514, the node selects segment ID from the segment routing extensionheader. At 1516, the node selects the next segment ID from the segmentrouting trace extension header. The method repeats iteratively until thenode detects that no more segment IDs remain in the segment listincluded in the segment routing extension header. At 1518, the nodeindicates that the path was successfully completed.

FIGS. 16A-16E illustrate an example use case based on, for example, thenetwork shown in FIG. 1. FIG. 16A shows information related to the stateof a packet at node A. In one embodiment, the packet can arrive at nodeA from a host, which generated the packet, and be destined for node Z.Node A writes its own address into the source address field of thepacket and writes Z into the destination address field of the packet.Both the address A and the address Z are represented by 128-bit valuesin the source address field and destination address field, respectively,of the fixed IPv6 header of the packet. At this point, no segmentrouting extension header or segment routing trace extension header arepresent.

As the destination address in the packet is Z, node A forwards thepacket towards the destination address, namely to node B. As shown inFIG. 16B, the source address is left unmodified, though in oneembodiment it is overwritten with an address representing node B. NodeB, which represents an ingress node to the SR domain, overwrites thedestination address with a destination address representing a segmentidentifier to node C. The format of the destination address is, in oneexample, as shown in FIG. 5. That is, the destination address caninclude a 32-bit segment identifier, a 32-bit SRPID, and a 32-bit ASN.Node B, as the ingress node to the SR domain, also generates a segmentrouting extension header, and inserts the segment routing extensionheader in the appropriate place in the packet. For example, node Bpushes the SR extension header into the packet as shown at Figure 204 ofFIG. 2. The SR extension header includes, among other fields (notshown), a segment list comprising segment list elements 1-3, and apolicy list, including policy list elements 1-3. Since node C's segmentidentifier has been put into the destination address of the packet, nodeD is the next segment in the path. A segment identifier representingnode D is encoded in segment list element 1. Segment list element 1 alsoincludes a mule, which includes information specifying the length ofsegment list element 2. The segment routing extension header alsoincludes an offset value (e.g., the next element in the SL field) whichindicates that segment list element 1 is the next segment list elementthe packet should traverse. This is represented by the arrow pointing tosegment list element 1. After the packet reaches node D, the nextsegment to be traveled by the packet ends at node E. A segmentidentifier for this segment is encoded in segment list element 2.Segment list element 2 also includes a mule which includes the length ofsegment list element 3. Following the segment to node E is segment listelement 3, which includes the original destination address Z.

For purposes of OAM, policy list element 1 includes the first segmentbeing traveled by the packet. Policy list element 1 also includes a mulewhich includes the length of policy list element 2. Policy list element2 includes a segment identifier for node B, which is the ingress node.Policy list element 2 also includes a length value for policy listelement 3. Policy list element 3 includes a segment identifier for nodeE, which is the egress node for the segment routing domain.

Also shown in FIG. 16B, is a trace extension header. Node B inserts thetrace extension header into the packet. In one embodiment, node Binserts the trace extension header immediately following the segmentrouting extension header in the packet, for example, at 206, as shown inFIG. 2. Node B also pushes a first segment list element onto a stackincluded in the trace extension header. Segment list element 1 includesa segment identifier for Node B. Node B also updates the mule to set theflags indicating that the packet was effectively transmitted and whetheror the not the packet was rerouted.

FIG. 16C shows operations performed when the packet arrives at node C.Node C updates the destination address with a segment identifierextracted from the active segment, which was indicated by the offset toelement 1. Thus, node C writes the segment identifier representing nodeD to the destination address of the packet. Node C also updates the nextelement pointer, for example 308, of FIG. 3, to point to the nextsegment list element in the segment routing extension header. In thisexample, the offset points the segment list element 2. Node C alsoupdates the trace extension header by pushing the segment identifierrepresenting node C onto the stack. The segment list element alsoincludes a mule which includes the length of segment list element 1.Node C also updates the mule to set the flags indicating that the packetwas effectively transmitted and whether or the not the packet wasrerouted.

FIG. 16D shows what happens when the packet arrives at node D. Node Dupdates the destination address with the extracted segment ID from theactive segment, which corresponds to node E. Node E also updates thesegment routing extension header next element offset to point to thenext element in the segment routing extension header, which is segmentlist element 3. Node E also updates the trace extension header bypushing the segment identifier corresponding to bode D onto the stack,and updating the mule associated with the segment list elementidentifier to reflect the length of segment list element 2. Node D alsoupdates the mule to set the flags indicating that the packet waseffectively transmitted and whether or the not the packet was rerouted.

At FIG. 16E, the packet arrives at node E, which is the egress node forthe segment routing domain. In response to the node determining that thenode is the segment routing domain egress node, the node restores theoriginal destination address Z. The node also removes the segmentrouting extension header and trace extension header from the packet.

Example Node

FIG. 17 is a block diagram illustrating certain additional and/oralternative components of nodes that can be employed in the networkshown in FIG. 1. In this depiction, node 1700 includes a number of linecards (line cards 1702(1)-(N)) that are communicatively coupled to aforwarding engine or packet forwarder 1710 and a processor 1720 via adata bus 1730 and a result bus 1740. Line cards 1702(1)-(N) include anumber of port processors 1750(1,1)-(N,N) which are controlled by portprocessor controllers 1760(1)-(N). It will also be noted that forwardingengine 1710 and processor 1720 are not only coupled to one another viadata bus 1730 and result bus 1740, but are also communicatively coupledto one another by a communications link 1770.

The processors 1750 and 1760 of each line card 1702 may be mounted on asingle printed circuit board. When a packet or packet and header arereceived, the packet or packet and header may be identified and analyzedby router 1700 in the following manner. Upon receipt, a packet (or someor all of its control information) or packet and header is sent from theone of port processors 1750(1,1)-(N,N) at which the packet or packet andheader was received to one or more of those devices coupled to data bus1730 (e.g., others of port processors 1750(1,1)-(N,N), forwarding engine1710 and/or processor 1720). Handling of the packet or packet and headercan be determined, for example, by forwarding engine 1710. For example,forwarding engine 1710 may determine that the packet or packet andheader should be forwarded to one or more of port processors1750(1,1)-(N,N). This can be accomplished by indicating to correspondingone(s) of port processor controllers 1760(1)-(N) that the copy of thepacket or packet and header held in the given one(s) of port processors1750(1,1)-(N,N) should be forwarded to the appropriate one of portprocessors 1750(1,1)-(N,N). In addition, or alternatively, once a packetor packet and header has been identified for processing, forwardingengine 1710, processor 1720 or the like can be used to process thepacket or packet and header in some manner or add packet securityinformation, in order to secure the packet. On a node sourcing such apacket or packet and header, this processing can include, for example,encryption of some or all of the packet's or packet and header'sinformation, the addition of a digital signature or some otherinformation or processing capable of securing the packet or packet andheader. On a node receiving such a processed packet or packet andheader, the corresponding process is performed to recover or validatethe packet's or packet and header's information that has been thuslyprotected.

Node 1700 may also employ any number of software, firmware, and/orhardware configurations. For example, one or more of the embodimentsdisclosed herein may be encoded as a computer program (also referred toas computer software, software applications, computer-readableinstructions, or computer control logic) on a computer-readable storagemedium. Examples of computer-readable storage media includemagnetic-storage media (e.g., hard disk drives and floppy disks),optical-storage media (e.g., CD- or DVD-ROMs), electronic-storage media(e.g., solid-state drives and flash media), and the like. Such computerprograms can also be transferred to node 1700 for storage in memory viaa network such as the Internet or upon a carrier medium.

The computer-readable medium containing the computer program may beloaded into node 1700. All or a portion of the computer program storedon the computer-readable medium may then be stored in system memoryand/or various portions of storage devices coupled to node 1700 (notshown). When executed by processor 1720, a computer program loaded intonode 1700 may cause processor 1720 to perform and/or be a means forperforming the functions of one or more of the embodiments describedand/or illustrated herein. Additionally or alternatively, one or more ofthe embodiments described and/or illustrated herein may be implementedin firmware and/or hardware.

Although the present disclosure has been described with respect tospecific embodiments thereof, various changes and modifications may besuggested to one skilled in the art. It is intended such changes andmodifications fall within the scope of the appended claims.

What is claimed is:
 1. A method comprising: a first network node in anetwork of nodes receiving a packet, wherein the packet comprises aninternet protocol (IP) header, which comprises a destination IP addressfield, wherein the packet comprises a first list of elements thatcomprise a plurality of segment identifiers, respectively, wherein thepacket comprises a second list that comprises a plurality of IPaddresses, and wherein a first element of the first list comprises anodal segment identifier (SID), wherein the nodal SID uniquelyidentifies a node in the network; the first network node comparing afirst network address with one of the IP addresses in the second list;the first network node updating the packet by removing the first andsecond lists from the packet in response to determining that the firstnetwork address is equal to the one of the IP addresses; and the firstnetwork node forwarding the updated packet.
 2. The method of claim 1wherein the first network address uniquely identifies the first networknode within the network of nodes.
 3. The method of claim 1 furthercomprising the first network node updating the destination IP addressfield in response to determining that the first network address is equalto the one of the IP addresses in the second list.
 4. The method ofclaim 3 wherein the updating the destination IP address field comprisescopying an IP address to the destination IP address field.
 5. The methodof claim 1 wherein the first network node is an egress node of thenetwork of nodes.
 6. The method of claim 4 wherein the IP address is anIPv6 address.
 7. The method of claim 1 wherein the packet furthercomprises a segment routing trace header, and wherein the updatingfurther comprises removing the segment routing trace header from thepacket.
 8. The method of claim 4 wherein the first network node forwardsthe updated packet based on the IP address copied to the destination IPaddress field.
 9. The method of claim 1 wherein the destination IPaddress field comprises a first SID when the packet is received by thefirst network node.
 10. The method of claim 9 wherein the first SIDuniquely identifies the first network node in the network of nodes. 11.A system comprising: a first network node comprising a memory and aprocessor configured to implement a method in response to executinginstructions stored in the memory and in response to the first nodereceiving a packet, wherein the packet comprises an internet protocol(IP) header, which comprises a destination IP address field, wherein thepacket comprises a first list of elements that comprise a plurality ofsegment identifiers, respectively, wherein the packet comprises a secondlist that comprises a plurality of IP addresses, and wherein a firstelement of the first list comprises a nodal segment identifier (SID),wherein the nodal SID uniquely identifies a node in a network of nodes,wherein the method comprises: the first network node comparing a firstnetwork address with one of the IP addresses in the second list; thefirst network node updating the packet by removing the first and secondlists from the packet in response to determining that the first networkaddress is equal to the one of the IP addresses; and the first networknode forwarding the updated packet.
 12. The system of claim 11 whereinthe method further comprises the first network node updating thedestination IP address field in response to determining that the firstnetwork address is equal to the one of the IP addresses in the secondlist.
 13. The system of claim 12 wherein the updating the destination IPaddress field comprises copying an IP address to the destination IPaddress field.
 14. The system of claim 13 wherein the IP address is anIPv6 address.
 15. The system of claim 11 wherein the first network nodeis an egress node of the network of nodes.
 16. The system of claim 13wherein the first network node forwards the updated packet based on theIP address copied to the destination IP address field.
 17. The system ofclaim 11 wherein the destination IP address field comprises a first SIDwhen the packet is received by the first network node.
 18. The system ofclaim 17 wherein the first SID uniquely identifies the first networknode in the network of nodes.
 19. A computer readable medium comprisingexecutable instructions, wherein a network node implements a method inresponse to executing the instructions, the method comprising: receivinga packet, wherein the packet comprises an internet protocol (IP) header,which comprises a destination IP address field, wherein the packetcomprises a first list of elements that comprise a plurality of segmentidentifiers, respectively, wherein the packet comprises a second listthat comprises a plurality of IP addresses, and wherein a first elementof the first list comprises a nodal segment identifier (SID), whereinthe nodal SID uniquely identifies a node in a network of nodes;comparing a first network address with one of the IP addresses in thesecond list; updating the packet by removing the first and second listsfrom the packet in response to determining that the first networkaddress is equal to the one of the IP addresses; forwarding the updatedpacket.